On Thursday, September 8, 2017, Equifax, Inc. announced that they were the victim of a significant attack which granted access to the personal information of approximately 143 million individuals. The attack was discovered late July but was active since at least mid-May. The personal data exposed information such as social security numbers, birth dates, addresses, and in some cases credit card numbers, driver’s license numbers, and credit dispute documents.
What should you do?
To find out if your data may have been compromised, visit the Equifax security site at equifaxsecurity2017.com. Additionally, here are some immediate considerations:
- Change your password if you have an account at Equifax.com. If you do and you have used that password for any other accounts or applications, change those immediately.
- Place a credit freeze on your report. This will freeze access to your credit report information which makes it difficult for identity thieves to open a new account in your name.
- Sign up for a separate identity monitoring and protection service. Identity Guard is one example but there are many others.
BPM is here to assist you
If you have any questions on how this breach may impact you or your business, contact Ashwani Verma, Information Technology Audit and Compliance Group Leader at AVerma@bpmcpa.com or 415-0677-4502. Visit us today at bpmcpa.com/cybersecurity.
BPM for Information Security Assessment Services
At BPM, we can help your organization make informed decisions to best tackle your security issues, from cybersecurity standards and regulations to practical cybersecurity vulnerability remediation guidance. With extensive regulatory compliance experience in penetration testing, including HIPAA, PCI and cybersecurity requirements for financial services companies (23 NYCRR Part 500), our solutions are uniquely developed to meet your organization’s specific needs. Contact us today to protect your business. Cybersecurity compliance solutions for today’s global organizations.
This alert contains information in summary form and is intended for general guidance only. It is not intended to be a substitute for detailed research nor the exercise of professional judgment. Neither BPM nor any member of the BPM firm can accept any responsibility for loss brought to any person acting or refraining from action as a result of any material in this alert. On any specific matter, reference should be made to the appropriate advisor.